-
A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s December 2025 security update has introduced a significant compatibility issue affecting Message Queuing (MSMQ) functionality across Windows Server and client environments. The problematic update, identified as KB5071546 (OS Build 190…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error message advising users to “Try opening the file again later,” leaving many confused about the […] The post Microsoft Confirms New Outlook Bug Blocking Excel Attachments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers are now using legitimate Windows programs already installed on target systems, a tactic known as “living off the land” (LOLBins, or Living Off the Land Binaries). Unlike traditional attacks that […] The post Hackers are Moving to “Living Off the Land” Techniques to Attack Windows Systems Bypassing EDR appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have confirmed that KimJongRAT, a sophisticated remote access Trojan attributed to the Kimsuky group and believed to be backed by North Korea, is being actively distributed via weaponized .hta files targeting Windows users. The dis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered that modern attackers are abandoning traditional offensive tools and instead weaponizing legitimate Windows utilities to conduct cyberattacks without triggering security alarms. This shift in tactics, known as ̶…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has confirmed a bizarre user interface bug affecting Windows 11 version 24H2 devices that renders the password sign-in icon invisible on the lock screen. The issue, stemming from the August 2025 non-security preview update (KB5064081) and persisting in subsequent cumulative updates, has left many users confused when switching between authentication methods. The glitch impacts […] The post Windows 11 24H2 Update Hides the Password Icon in the Sign-in Options on the Lock Screen appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has confirmed that FIDO2 security keys on Windows 11 may now prompt users to set up a PIN during authentication following specific recent updates, aligning with WebAuthn standards for enhanced user verification. The change began with the September 29, 2025, preview update KB5065789 for OS Builds 26200.6725 and 26100.6725, rolling out gradually to Windows […] The post Microsoft Security Keys May Require PIN After Recent Windows Updates appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Huntress have uncovered a sophisticated ClickFix campaign that leverages steganography to conceal malicious code within PNG images disguised as Windows Update screens. The attack chain delivers multiple variants of informat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
